I've been programming in C for years, and never experienced troubles
until I started using the new RealC-32, a freeware C compiler from the
same company that makes RealPlayer and Quicktime. That's when the
trouble started. See, RealC-32 is like any other C compiler but with
one notable difference. Any time your code invokes undefined
behavior-- for example by dereferencing an uninitialized pointer--
rather than the usual segmentation fault, instead the program will chug
along as usual, but will silently start launching spam emails and
spyware from the computer.
It was only a matter of time before I accidentally forgot to initialize
a pointer before dereferencing it. Then, sure enough, in place of the
usual segfault, my computer started sending porn to every email account
on the 'net. Hours later, the feds busted down my door and I was
hauled off kicking and screaming.
At my trial I insisted I was not responsible for the spam, that it was
the fault of RealC-32. But a representative from the company pointed
out that they were completely in compliance with the C standard, which
allowed them free reign to do as they pleased with my computer once I
dereferenced that uninitialized pointer. The judge agreed that I was
merely using a RealC-32 extension to simplify the creation of the
spam-sending software, and that I was just as responsible for it as I
would be if I'd explicitly programmed it using, say, gcc. In the end I
was forced to succumb to their logic-- they were, afterall, quite
right.
EPILOGUE
Stone McStone continues to serve hard time in a federal "pound me in
the ass" prison. Hopefully he's learned his lesson about dereferencing
uninitialized pointers! RealC-32 has made millions of dollars by
selling adware contracts to small startup businesses. They are
currently negotiating with Diebold Inc. trying to win the contract to
provide the C compiler for Diebold's controversial e-voting machines.
Sep 17 '06
27 2023
Simon Biber wrote:
Frederick Gotham wrote:
No he didn't.
I've been programming in C for years, and never experienced troubles
until I started using the new RealC-32, a freeware C compiler from the
same company that makes RealPlayer and Quicktime.
Spiros Bousbouras wrote:
My theories in random order:
1) Troll.
2) Someone very bored who decided to post random
stuff on a group.
<SNIP>
1) Troll or joke, take your pick.
2) What? Bored? Isn't everyone on this group?
I'm not.
Harald van Dijk wrote:
Simon Biber wrote:
>Frederick Gotham wrote:
>>I've been programming in C for years, and never experienced troubles until I started using the new RealC-32, a freeware C compiler from the same company that makes RealPlayer and Quicktime.
No, Frederick Gotham did not write that.
My apologies to Frederick; I got confused.
--
Simon. st**********@ya hoo.com wrote:
At my trial I insisted I was not responsible for the spam, that it was
the fault of RealC-32. But a representative from the company pointed
out that they were completely in compliance with the C standard, which
allowed them free reign to do as they pleased with my computer once I
dereferenced that uninitialized pointer.
Actually that is an interesting point. Supposing this compiler did
actually exist, who should be found to be responsible for the spam?
Assuming you answer 'the makers of RealC-32', it seems there is a
sliding scale between this case, and the case of a regular program
on a regular compiler accidentally formatting the harddrive due to UB.
Old Wolf wrote:
st**********@ya hoo.com wrote:
At my trial I insisted I was not responsible for the spam, that it was
the fault of RealC-32. But a representative from the company pointed
out that they were completely in compliance with the C standard, which
allowed them free reign to do as they pleased with my computer once I
dereferenced that uninitialized pointer.
Actually that is an interesting point. Supposing this compiler did
actually exist, who should be found to be responsible for the spam?
Assuming you answer 'the makers of RealC-32', it seems there is a
sliding scale between this case, and the case of a regular program
on a regular compiler accidentally formatting the harddrive due to UB.
Well the makers should be responsible for behaviour that
a reasonble man would not anticipate.
So if the makers put a big red notice on the front of every
box saying "Warning, if you compile any program that
invokes behavious undefinied by the C standard, this
compiler will create an executable that sends out spam",
the makers would probably be fine (although they would
not sell many compilers). Otherwise they should
be responsible for the spam because a resonable man would
not expect a simple programming error to result
in a spamming executable.
On the other hand a reasonable man should expect that
a simple programming error would cause an
executable that attemps to execute at random locations
to be produced. If he runs this executable in
a system where such an executable can cause
damage, he has no one but himself to blame for
the damage.
- William Hughes
William Hughes wrote:
>
Old Wolf wrote:
[...]
Actually that is an interesting point. Supposing this compiler did
actually exist, who should be found to be responsible for the spam?
Assuming you answer 'the makers of RealC-32', it seems there is a
sliding scale between this case, and the case of a regular program
on a regular compiler accidentally formatting the harddrive due to UB.
Well the makers should be responsible for behaviour that
a reasonble man would not anticipate.
So if the makers put a big red notice on the front of every
box saying "Warning, if you compile any program that
invokes behavious undefinied by the C standard, this
compiler will create an executable that sends out spam",
the makers would probably be fine (although they would
not sell many compilers). Otherwise they should
be responsible for the spam because a resonable man would
not expect a simple programming error to result
in a spamming executable.
What if the warning said:
Warning! If you compile any program that invokes undefined
behavior, the results may be *ANYTHING*, including, but not
limited to, the melting of your CPU, demons flying out of
your nose, or the slaying of your first-born male child. We
are not responsible for the results of your use of undefined
behavior.
[...]
--
+-------------------------+--------------------+-----------------------+
| Kenneth J. Brody | www.hvcomputer.com | #include |
| kenbrody/at\spamcop.net | www.fptech.com | <std_disclaimer .h|
+-------------------------+--------------------+-----------------------+
Don't e-mail me at: <mailto:Th***** ********@gmail. com>
Kenneth Brody wrote:
William Hughes wrote:
Old Wolf wrote:
[...]
Actually that is an interesting point. Supposing this compiler did
actually exist, who should be found to be responsible for the spam?
>
Assuming you answer 'the makers of RealC-32', it seems there is a
sliding scale between this case, and the case of a regular program
on a regular compiler accidentally formatting the harddrive due to UB.
Well the makers should be responsible for behaviour that
a reasonble man would not anticipate.
So if the makers put a big red notice on the front of every
box saying "Warning, if you compile any program that
invokes behavious undefinied by the C standard, this
compiler will create an executable that sends out spam",
the makers would probably be fine (although they would
not sell many compilers). Otherwise they should
be responsible for the spam because a resonable man would
not expect a simple programming error to result
in a spamming executable.
What if the warning said:
Warning! If you compile any program that invokes undefined
behavior, the results may be *ANYTHING*, including, but not
limited to, the melting of your CPU, demons flying out of
your nose, or the slaying of your first-born male child. We
are not responsible for the results of your use of undefined
behavior.
Then the makers would be saying that the use of the
program might be dangerous indeed
No one would purchase the compiler. This is an
indication that conformance to the C standard is
not a sufficient condition for comercial success.
(DUH!)
So when you are discussing more than whether
a given program has behaviour specified by the C standard you
have to take other factors into acount. However, the
restricted question of whether a given program has
behaviour specified by the C standard is an
interesting question. Indeed, it is often discussed on comp.lang.c
- William Hughes
"William Hughes" <wp*******@hotm ail.comwrites:
Kenneth Brody wrote:
>What if the warning said:
Warning! If you compile any program that invokes undefined behavior, the results may be *ANYTHING*, including, but not limited to, the melting of your CPU, demons flying out of your nose, or the slaying of your first-born male child. We are not responsible for the results of your use of undefined behavior.
Then the makers would be saying that the use of the
program might be dangerous indeed
No one would purchase the compiler. This is an
indication that conformance to the C standard is
not a sufficient condition for comercial success.
A popular compiler comes with strong warnings attached also:
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
However, these warnings have not prevented it from becoming
widely used.
--
Just another C hacker.
Kenneth Brody <ke******@spamc op.netwrites:
William Hughes wrote:
>Old Wolf wrote:
[...]
Actually that is an interesting point. Supposing this compiler did
actually exist, who should be found to be responsible for the spam?
Assuming you answer 'the makers of RealC-32', it seems there is a
sliding scale between this case, and the case of a regular program
on a regular compiler accidentally formatting the harddrive due to UB.
Well the makers should be responsible for behaviour that a reasonble man would not anticipate.
So if the makers put a big red notice on the front of every box saying "Warning, if you compile any program that invokes behavious undefinied by the C standard, this compiler will create an executable that sends out spam", the makers would probably be fine (although they would not sell many compilers). Otherwise they should be responsible for the spam because a resonable man would not expect a simple programming error to result in a spamming executable.
What if the warning said:
Warning! If you compile any program that invokes undefined
behavior, the results may be *ANYTHING*, including, but not
limited to, the melting of your CPU, demons flying out of
your nose, or the slaying of your first-born male child. We
are not responsible for the results of your use of undefined
behavior.
[...]
Then a user suing the compiler vendor for damages would not be able to
cite violation of the ISO C standard. The question of whether he'd be
able to cite anything else, or whether such a warning has any *legal*
significance, is well beyond the scope of this newsgroup.
--
Keith Thompson (The_Other_Keit h) ks***@mib.org <http://www.ghoti.net/~kst>
San Diego Supercomputer Center <* <http://users.sdsc.edu/~kst>
We must do something. This is something. Therefore, we must do this. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Pmb |
last post by:
Hi. I'm new to this group. I'm refreshing/learning C++ and am starting to
learn Object Oriented Programming (OOP). In discussing this with people I
came up short as to what the benefits of OOP are. For example: As I
understand it, OOP has its main benefit in software reuse. Thus one develops
a software library of classes and this cuts down the overhead of reinventing
the wheel. Someone might say that this can be done with structured...
|
by: Bibby |
last post by:
Hi, I'm interested in getting started in the programming world. I've dabbled
in C, C++ and VB6. Which would be the best language to focus my attention to
regarding the following considerations:
Hireability
Portability
Flexibility
The likely candidates seem to be Java, VB.Net, C, C++, C#.
|
by: PRESENT321 |
last post by:
I just wanted to get some advice.
I've had a few years experience in web site design and server-side
programming and am fairly confident in my skills.
There is a local Credit Union wanting to add a few features to their
site (bill pay, transfer money between banks) and I am interested in
the job.
However, I've never worked for a bank before. Any suggestions about
how to win the job, and how to ensure my work is secure enough for this
|
by: @(none) |
last post by:
Hi, I need to learn the necessary and sufficient C programming knowledge
in order to be able to implement number theory and graph theory
algorithms (as RSA or Dijkstra algorithms). No system programming no
network programming nor graphic programming.
Any advice ? Any link to a non verbose reference ?
Thanks in advance,
|
by: Bret Pehrson |
last post by:
This message isn't spam or an advertisement or trolling.
I'm considering farming some of my application development to offshore shops
(I'm in the US). I have absolutely *no* experience w/ this, and therefore I'm
looking for comments, suggestions, etc. on how to go about this w/o getting
screwed.
My current application development is primarily database-driven apps in C++/C#,
so I'm looking for programmers w/ up-to-date skills.
| |
by: John Salerno |
last post by:
There is an article on oreilly.net's OnLamp site called "The World's
Most Maintainable Programming Language"
(http://www.oreillynet.com/onlamp/blog/2006/03/the_worlds_most_maintainable_p.html).
It's not about a specific language, but about the qualities that would
make up the title language (learnability, consistency, simplicity,
power, enforcing good programming practices). I thought this might be of
interest to some of you, and I...
|
by: pavan |
last post by:
Is there a modern (OO, garbage collected etc...) programming language
that can server as a good alternative for C for system programming. I
wouldn't want to compromise too much on performance.
|
by: CoreyWhite |
last post by:
I bought this book years ago, when I was just learning C++. Since
then I've gone through every math course offered at my college, taken
courses on coding C & thinking in terms how how to make the smallest
tightest algorithms to preform specific functions. I've also grown
and matured a lot, and am wiser and older. I'm reading through the C+
+ Programming Language, Third Edition now, and I can actually
understand it. I can understand it...
|
by: Banfa |
last post by:
Posted by Ganon11
So, you want to learn how to program! Good for you! Programming is a very intruiging and fun activity to pick up, and it's also a great career choice if you like it! Finally, it can be a great brain teaser-type activity, as you challenge yourself with creative and difficult problems!
But there's a problem.
What I'm typing in right now is English. It's cool, it lets you understand what I'm saying, and we've spoken...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |